<?php

	include_once('db/config.php');
	
	class user
	{
		public $id;
		public $firstName;
		public $lastName;
		public $address1;
		public $address2;
		public $country;
		public $dob;
		public $type;
		public $password;
		public $emailAddress;
		public $creditcardNo;
		public $loggedIn;
		public $timedOut;
		
		public function __construct()
		{
			$this->id = '';
			$this->firstName = '';
			$this->lastName = '';
			$this->address1 = '';
			$this->address2 = '';
			$this->country = '';
			$this->dob = '';
			$this->type = 'user';
			$this->password = '';
			$this->emailAddress = '';
			$this->creditcardNo = '';
			$this->loggedIn = false;
			$this->timedOut = false;
		}
		
		public function setUser($id='',$firstName='',$lastName='',$address1='',$address2='',$country='',$dob='',$type='user',$password='',$emailAddress='',$creditcardNo='')
		{
			$this->id = $id;
			$this->firstName = $firstName;
			$this->lastName = $lastName;
			$this->address1 = $address1;
			$this->address2 = $address2;
			$this->country = $country;
			$this->dob = $dob;
			$this->type = $type;
			$this->password = $password;
			$this->emailAddress = $emailAddress;	
			$this->creditcardNo = $creditcardNo; 
		}
		
		public function isLoggedIn()
		{
			if((isset($_SESSION['emailAddress'])) && (isset($_SESSION['password'])))
			{
				$this->emailAddress = $_SESSION['emailAddress'];
				try
				{
					if($this->retrieveUser())
					{	
						if($this->password == $_SESSION['password'])
						{
							$this->password == $_SESSION['password'];
							$this->loggedIn = true;
							return true;
						}
					}
					$this->loggedIn = false;
					return false;
				}
				catch(Exception $ex)
				{
					throw new Exception($ex->getMessage());
				}
			}
			return false;
		}
		
		public function loginUser($emailAddress, $password)
		{
			$this->emailAddress = $emailAddress;
			try
			{
				if($this->retrieveUser())
				{	
					if($this->password == $password)
					{
						$_SESSION['emailAddress'] = $this->emailAddress;
						$_SESSION['password'] = $this->password;
						
						if($this->type != 'admin')
						{
							$this->loggedIn =  true;
							$_SESSION['lastActiveTime'] = time();
						}
						$this->timedOut = false;
						return true;
					}
				}
				$this->loggedIn = false;
				return false;
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}
		
		public function retrieveUser()
		{
			try
			{
				connectDb("everythingdb");
				global $dbLink;
				$resultPointer = mysqli_query($dbLink,"call sp_getUser('".mysqli_real_escape_string($dbLink,$this->emailAddress)."')");
				if($resultPointer)
				{
					while($resultRow = mysqli_fetch_array($resultPointer))
					{
						$this->setUser($resultRow['id'],$resultRow['first_name'],$resultRow['last_name'],$resultRow['address1'],$resultRow['address2'],$resultRow['country_code'],$resultRow['dob'],$resultRow['type'],$resultRow['password'],$resultRow['email_address'],$resultRow['creditcard_no'],$resultRow['type']);
					}
					return true;
				}
				else
				{
					return false;
				}
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}
		
		public function registerUser()
		{
			try
			{
				connectDb("everythingdb");
				global $dbLink;
				$queryString = "call sp_registerUser('".mysqli_real_escape_string($dbLink,$this->firstName)."','".mysqli_real_escape_string($dbLink,$this->lastName)."','".mysqli_real_escape_string($dbLink,$this->address1)."','".mysqli_real_escape_string($dbLink,$this->address2)."',".mysqli_real_escape_string($dbLink,$this->country).",'".mysqli_real_escape_string($dbLink,$this->dob)."','".md5(mysqli_real_escape_string($dbLink,$this->password))."','".mysqli_real_escape_string($dbLink,$this->emailAddress)."','"."user')";
				$resultPointer = mysqli_query($dbLink,$queryString);
				echo $resultPointer;
				if($resultPointer)
				{
					return true;
				}
				else
				{
					$queryError = mysqli_errno($dbLink);
					if($queryError!=0)
					{
						parseDatabaseError($queryError);
					}
					return false;
				}
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}
		
		public function updateUser()
		{
			try
			{
				connectDb("everythingdb");
				global $dbLink;
				$queryString = "call sp_updateUser(".mysqli_real_escape_string($dbLink,$this->id).",'".mysqli_real_escape_string($dbLink,$this->firstName)."','".mysqli_real_escape_string($dbLink,$this->lastName)."','".mysqli_real_escape_string($dbLink,$this->address1)."','".mysqli_real_escape_string($dbLink,$this->address2)."',".mysqli_real_escape_string($dbLink,$this->country).",'".mysqli_real_escape_string($dbLink,$this->dob)."')";
				$resultPointer = mysqli_query($dbLink,$queryString);
				if($resultPointer)
				{
					return true;
				}
				else
				{
					return false;
				}
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}
		
		public function changePassword($newPassword)
		{
			try
			{
				connectDb("everythingdb");
				global $dbLink;
				$queryString = "call sp_changePassword(".mysqli_real_escape_string($dbLink,$this->id).",'".mysqli_real_escape_string($dbLink,$newPassword)."')";
				$resultPointer = mysqli_query($dbLink,$queryString);
				//echo $queryString;
				if($resultPointer)
				{
					return true;
				}
				else
				{
					return false;
				}
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}

		public function changeCreditCard($creditcardNo)
		{
			try
			{
				connectDb("everythingdb");
				global $dbLink;
				$queryString = "call sp_changeCreditCard(".mysqli_real_escape_string($dbLink,$this->id).",'".mysqli_real_escape_string($dbLink,$creditcardNo)."')";
				$resultPointer = mysqli_query($dbLink,$queryString);
				//echo $queryString;
				if($resultPointer)
				{
					$this->creditcardNo = $creditcardNo;
					return true;
				}
				else
				{
					return false;
				}
			}
			catch(Exception $ex)
			{
				throw new Exception($ex->getMessage());
			}
		}
		
		
		public function logoutUser()
		{
			setcookie('emailAddress',$this->emailAddress,time()*60*24);
			if(isset($_SESSION['emailAddress']))
			{
				unset($_SESSION['emailAddress']);
			}
			if(isset($_SESSION['password']))
			{
				unset($_SESSION['password']);
			}
			if(isset($_SESSION['lastActiveTime']))
			{
				unset($_SESSION['lastActiveTime']);
			}
			$this->loggedIn = false;
			return true;
		}
		
		public function isTimedOut()
		{
			//$currentTime = time();
			if(isset($_SESSION['lastActiveTime']))
			{
				$idleTime = time() - $_SESSION['lastActiveTime'] ;
				
				if(($idleTime/60)>5)
				{	
					$this->timedOut = true;
					return true;
				}
				else
				{
					$this->timedOut = false;
					$_SESSION['lastActiveTime'] = time();
					return false;
				}
			}
			else
			{
				return true;
			}
		}
		public function timeoutUser()
		{
			if(isset($_SESSION['lastActiveTime']))
			{
				$idleTime = time() - $_SESSION['lastActiveTime'] ;
				
				if(($idleTime/60)>5)
				{	
					$this->timedOut = true;
					$this->logoutUser();
					return true;
				}
				else
				{
					$this->timedOut = false;
					$_SESSION['lastActiveTime'] = time();
					return false;
				}
			}
			else
			{
				return true;
			}
		}
		
		public function parseDatabaseError($errorCode)
		{
			switch($errorCode)
			{
				case 1032:
					throw new Exception("User account cannot be found. ");
				break;
				case 1452:
					throw new Exception("This user account does not exist.");
				break;
				case 1169:
					throw new Exception("This user account already exist exist.");
				break;
			}
		}
	}

?>